CVE-2008-1767 – libxslt XSL 1.1.23 - File Processing Buffer Overflow
https://notcve.org/view.php?id=CVE-2008-1767
Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps. Vulnerabilidad de desbordamiento de búfer en pattern.c en libxslt anteriores a 1.1.24, permiten a atacantes, dependiendo del contexto, provocar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de un fichero de hoja de estilo XSL con una condición "transformation match" XSLT larga que dispara un número grande de pasos. • https://www.exploit-db.com/exploits/31815 http://bugzilla.gnome.org/show_bug.cgi?id=527297 http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html http://lists.apple.com/archives/security-announce/2008//Jul/msg00001.html http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html http://secunia.com/advisories/30315 http://secunia.com/advisories/30323 http://secunia.com/advisories/30393 http://secunia.com/advisories/30521 http://secunia.com/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2008-1423 – vorbis: integer oveflow caused by huge codebooks
https://notcve.org/view.php?id=CVE-2008-1423
Integer overflow in a certain quantvals and quantlist calculation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted OGG file with a large virtual space for its codebook, which triggers a heap overflow. Desbordamiento de entero en ciertos cálculos quantvals y quantlist de Xiph.org libvorbis 1.2.0 y versiones anteriores permite a atacantes remotos provocar una denegación de servicio (caída) o ejecutar código de su elección a través de ficheros OGG manipulados con un espacio virtual largo de su codebook, lo cual dispara un desbordamiento heap. • http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html http://secunia.com/advisories/30234 http://secunia.com/advisories/30237 http://secunia.com/advisories/30247 http://secunia.com/advisories/30259 http://secunia.com/advisories/30479 http://secunia.com/advisories/30581 http://secunia.com/advisories/30820 http://secunia.com/advisories/32946 http://security.gentoo.org/glsa/glsa-200806-09.xml http://www.debian.org/security/2008/dsa-1591 http://www.mandri • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •
CVE-2008-1420 – vorbis: integer overflow in partvals computation
https://notcve.org/view.php?id=CVE-2008-1420
Integer overflow in residue partition value (aka partvals) evaluation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to execute arbitrary code via a crafted OGG file, which triggers a heap overflow. Desbordamiento de entero en la evaluación de valores en la partición de residuos (también conocido como partvals) en Xiph.org libvorbis 1.2.0 y versiones anteriores permite a atacantes remotos ejecutar código de su elección a través de ficheros OGG manipulados, lo cual dispara un desbordamiento heap. • http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html http://secunia.com/advisories/30234 http://secunia.com/advisories/30237 http://secunia.com/advisories/30247 http://secunia.com/advisories/30259 http://secunia.com/advisories/30479 http://secunia.com/advisories/30581 http://secunia.com/advisories/30820 http://secunia.com/advisories/32946 http://secunia.com/advisories/36463 http://security.gentoo.org/glsa/glsa-200806-09.xml http://www.debian.org/security • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVE-2008-1419 – vorbis: zero-dim codebooks can cause crash, infinite loop or heap overflow
https://notcve.org/view.php?id=CVE-2008-1419
Xiph.org libvorbis 1.2.0 and earlier does not properly handle a zero value for codebook.dim, which allows remote attackers to cause a denial of service (crash or infinite loop) or trigger an integer overflow. Xiph.org libvorbis 1.2.0 y versiones anteriores no maneja apropiadamente un valor cero de codebook.dim, lo cual permite a atacantes remotos provocar una denegación de servicio (caída o bucle infinito) o disparar un desbordamiento de entero. • http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html http://secunia.com/advisories/30234 http://secunia.com/advisories/30237 http://secunia.com/advisories/30247 http://secunia.com/advisories/30259 http://secunia.com/advisories/30479 http://secunia.com/advisories/30581 http://secunia.com/advisories/30820 http://secunia.com/advisories/32946 http://security.gentoo.org/glsa/glsa-200806-09.xml http://www.debian.org/security/2008/dsa-1591 http://www.mandri • CWE-20: Improper Input Validation CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVE-2007-5001 – kernel asynchronous IO on a FIFO kernel panic
https://notcve.org/view.php?id=CVE-2007-5001
Linux kernel before 2.4.21 allows local users to cause a denial of service (kernel panic) via asynchronous input or output on a FIFO special file. El Kernel de Linux versiones anteriores a la 2.4.21, permite a usuarios locales provocar una denegación de servicio (kernel panic) a través de una entrada o salida asíncrona en un fichero especial FIFO. • http://lists.vmware.com/pipermail/security-announce/2008/000023.html http://osvdb.org/44987 http://secunia.com/advisories/30110 http://secunia.com/advisories/31246 http://www.redhat.com/support/errata/RHSA-2008-0211.html http://www.securityfocus.com/bid/29083 http://www.vupen.com/english/advisories/2008/2222/references https://bugzilla.redhat.com/show_bug.cgi?id=326251 https://exchange.xforce.ibmcloud.com/vulnerabilities/42273 https://oval.cisecurity.org/repository/search/definition • CWE-399: Resource Management Errors •